# This role creates Wikitcms release validation events. There should
# always be exactly one host in infra with this role set up and
# relvalconsumer_prod set to True, or else we'll stop getting events.
#
# Required vars
# - wikitcms_user
##       string - FAS username for creating wiki pages
# - wikitcms_password
##       string - password for wikitcms_user
#
# Required vars with defaults
# - relvalconsumer_prod
##       bool - whether this is the production instance. **SHOULD ONLY
##              EVER BE TRUE ON ONE SYSTEM IN THE WORLD**
##       default - False

# note: kept around for when we need packages from u-t
#- name: Install required packages (testing)
#  dnf: name={{ item }} state=present enablerepo="updates-testing"
#  with_items:
#  - python2-fedfind
#  - python2-wikitcms
#  tags:
#  - packages

- name: Install required packages
  dnf: name={{ item }} state=present
  with_items:
  - python2-fedfind
  - python2-wikitcms
  - python2-fedmsg-consumers
  - python2-mwclient
  - python-setuptools
  - relval
  tags:
  - packages

- name: Install required packages (wiki oidc auth)
  dnf: name={{ item }} state=present enablerepo="updates"
  with_items:
  - python2-openidc-client
  when: "wikitcms_token is defined"
  tags:
  - packages

# next two duplicated with openqa/dispatcher, but I kinda don't want to
# move them up somewhere shared, I like the roles to be somewhat usable
# outside of Fedora infra...
- name: Create /etc/fedora (credentials files location)
  file: path=/etc/fedora state=directory owner=root group=fedmsg mode=0750

# We actually want to handle the case where wikitcms_user isn't defined
# even though it makes this role essentially do nothing, as we don't
# really want openqa-stg creating stuff in the staging wiki all the
# time. So in that case install the role but don't set up a credentials
# file and leave the role disabled
- name: Write wikitcms credentials file
  template: src=credentials.j2 dest=/etc/fedora/credentials owner=root group=fedmsg mode=0640
  when: "wikitcms_user is defined and wikitcms_password is defined"
  tags:
  - config

- name: Create /root/.openidc (token file location for manual runs as root)
  file: path=/root/.openidc state=directory owner=root group=root mode=0700

- name: Create /usr/share/fedmsg/.openidc (token file location for fedmsg consumer runs)
  file: path=/usr/share/fedmsg/.openidc state=directory owner=root group=fedmsg mode=0770

- name: Write wikitcms token file for root
  copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600
  when: "wikitcms_token is defined"
  tags:
  - config

- name: Write wikitcms token file for fedmsg
  copy: src={{ wikitcms_token }} dest=/usr/share/fedmsg/.openidc/oidc_wikitcms.json owner=root group=fedmsg mode=0660
  when: "wikitcms_token is defined"
  tags:
  - config

- name: Check out relvalconsumer
  git:
    repo: https://pagure.io/fedora-qa/relvalconsumer.git
    dest: /root/relvalconsumer
  register: gitrvc

- name: Install relvalconsumer
  command: "python setup.py install"
  args:
    chdir: /root/relvalconsumer
  when: "gitrvc is changed"
  notify:
  - restart fedmsg-hub

- name: Enable fedmsg consumer
  template: src=relvalconsumer.py.j2 dest=/etc/fedmsg.d/relvalconsumer.py owner=root group=root mode=0644
  when: "wikitcms_user is defined and (wikitcms_password is defined or wikitcms_token is defined)"
  notify:
  - restart fedmsg-hub
  tags:
  - config
